Security Analyst Support Specialist

Cyber Security Analyst

Isaac D Appiasam

917-***-**** Email: adxrpx@r.postjobfree.com

SUMMARY

* ***** ** *********** ******** / Cybersecurity experience

* ***** ** *****-** experience with IT Support Specialist

CERTIFICATIONS AND TRAINING

CompTIA Security +

Vulnerability Management

Coursera Cybersecurity Compliance Framework

and System Administration

Coursera Information Systems, Auditing, Controls and Assurance

Cybrary - Monitoring Network Traffic with SIEM

Cyber Foundations

SPECIALIZED SKILLS AND KNOWLEDGE

NIST Management Framework

SIEM Tools

Service Now

Security Assessment & Authorization (SA&A)

Security Control Assessment (SCA)

Risk Analysis

POA&M

Continues Monitoring

Enterprise Security

PPE Compliance

IT Integration/IT Strategy

FISMA

Security Testing Tools

Nessus, Qualys

Symantec Endpoint Protection

EXPERIENCE

Security Control Assessor/Admin/Analyst Jan 2019 - Present

SoftAfrique, Newark, NJ

As a Security Control Assessor/Admin (SCA), responsible for conducting a comprehensive assessment of the administrative, operational, and technical security controls employed within or inherited by an Automated Information System (AIS) to determine the overall effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system).

Conduct and Implement security controls to improve overall security posture of the organization by assessing current security situation, assessing control effectiveness, evaluating trends, and its potential impact on organization’s systems and data.

Develop and implement operational and administrative controls to support compliance policies with a goal to secure data integrity and accuracy.

Perform and maintain host and network-based security control assessments, for continual improvement in vulnerability management processes, determine any security risks, prepare assessment test reports, and take steps to remediate vulnerabilities identified.

Develop and execute security assessment plans to determine whether program-level or system-level security controls are effectively implemented according to Industry best practices, NIST Special Publications and FIPS requirements, PCI DSS and CIS Control baselines.

Regularly, with Security Engineers and other technical teams, review and develop new policies or enhance existing policies to address trends and new security challenges.

Review and analyze the findings that identify security issues on the system and compile results and findings into a final Security Assessment Report, along with assessments and recommendations for remediation.

Cyber Security Analyst Nov 2014 – Dec 2018

BIITECH Solutions IT Technology Washington, DC

Develop, review, and evaluate Security Plan based on NIST Special Publications

Work with engineers and developers to incorporate the best security safeguard and practice

Develop POA&M (Plan of Action & Milestones) document to take corrective actions resulting from ST&E (System Test & Evaluation)

Review, analyze and document scan results and ensure immediate remediation of critical and high vulnerabilities via emergency change request (CR)

Collect supporting artifacts for submission of Security Change Request (SCR) to the change management board

Review vulnerability scans and create remediation plan for weaknesses based on priorities

Developed security metrics and technical analysis to give insight into performance and trends.

Performed network troubleshooting to isolate and diagnose common problems.

Liaised with third parties to respond to security events and understand threat landscape.

Created policies and procedures for emerging security technologies and proposals.

Travelled to client sites to perform onsite testing.

Created frameworks by designing and developing technical solutions.

Designed, installed, and configured email encryption gateways with data loss prevention.

Engaged business and technology stakeholders to gather goals and requirements.

Prepared variety of different written communications, reports, and documents.

Maintained documentation of security and disaster recovery policies and procedures. Provided technical support related to security product installation and use

Collect and evaluate assessment artifacts to determine compliance with the NIST requirements

Information Technology Specialist - Consultant Aug 2012 – Oct 2014

BIITECH Solutions IT Technology Washington, DC

Provide support for the Information Technology (IT) Help Desk.

Image new computers and ensure that all configurations and settings meet organizational standards.

Work with the help desk support staff to triage IT issues and record them in ticket tracking system.

Prioritize issues based on standard operating procedures and service level agreements.

Follow standard operating procedures to resolve customer questions/problems concerning automation systems, software/hardware issues, password security violations, telecommunication troubles and work orders

Installs, maintains, repairs and replaces IT hardware and office productivity software, including network devices, servers, storage (SAN) and backup systems.

Setup and support of end user computers, other devices (e.g., printers, scanners, mobile devices), and office productivity software; ensure access controls for end user operations; ensures computer images are those built by Windows. Oversees the development and maintenance of Helpdesk ticketing, problem resolution, and asset tracking systems in support of help desk operations.

Develop, coordinate, and assist in the operation of IT equipment.

Point of contact and responsible person when setting up new offices with IT systems or expanding existing offices or refreshing computers and other end user devices.

Install new software versions and updates and configure hardware and/or user systems for effective integration of software systems

Perform upgrades of hardware to include memory, fix storage, and install network interface cards (NIC) or enhancement cards

Interact with users to ensure proper operation of computer systems, hardware, and software.

Automate repetitive tasks such as ghosting software images and software.

INFORMATION TECHNOLOGY COMPETENCY

Technical support

Firewalls

VMware

Microsoft Active Directory

Authentication

Switches and Routers

Windows OS

Polycom systems

VPNs and IP connectivity

Local Area Networks

Networking and Telephony

SharePoint

Contact this candidate